Cybersecurity: Self-Awareness for Your Self-Protection By James P. Freeman “Attackers may set their sights on large industrial plants, factory floors, traffic signs and transit systems, and shut down banking systems.” – Frank Abagnale Jr. (Scam Me If You Can: Simple Strategies to Outsmart Today’s Rip-Off Artists, 2019) While the film “Catch Me If You Can” (2002) took some liberties with his life story, Frank Abagnale Jr. did pose as an airline pilot, a doctor, a lawyer, a Federal Bureau of Investigation (FBI) agent -- and other roles as a wily impostor -- all between the ages of 15 to 21. Later, he served a prison sentence for cashing $2.5 million in forged checks in 27 countries during his criminal years. But Abagnale left the dark side. His imprisonment was reduced (from 12 to 4 years) by his becoming an unpaid consultant to the FBI. And he subsequently founded Abagnale & Associates. The firm advises on fraud prevention. Its clients include financial institutions, large corporations, and law enforcement agencies. Today, Abagnale teaches at the FBI academy and is an ambassador to AARP’s Fraud Watch Network. He is recognized as one of the world’s most respected authorities on forgery, embezzlement, and secure documents. And he has some ideas about the growing menace of cybercrime. Abagnale told thinkadvisor.com in 2019, “You have to be a smarter consumer and wiser businessperson today.” Cybersecurity is back in the headlines again. On May 7, 2021, Colonial Pipeline, an American oil pipeline system that includes storage facilities, suffered a ransomware cyberattack. The ensuing criminal act forced the shutdown of one of the largest pipelines in the U.S. -- carrying 45 percent of the East coast’s fuel supplies and running 5,500 miles, which transports gasoline, diesel fuel, and jet fuel from Texas, running up the East coast to as far away as New York -- in an effort to contain the breach of its computer network. Like every business today, computers run Colonial’s operations. And like any command and control system that relies on the internet, such communication and information are vulnerable to nefarious activity. The result of this particular hack? Chaos. National media reported gas shortages, panic buying and price gouging. And The Wall Street Journal reported that the company agreed to pay $4.4 million dollars to the hackers (purportedly a group called Darkside) who sent the company software to effectively unlock and regain control of its systems. Normal operations resumed nearly 10 days after the initial attack. This incident revealed certain vulnerabilities in America’s infrastructure. The heavily populated East and Southeast coasts have very few refineries and must rely upon a pipeline system to distribute its fuel needs. Furthermore, the latest cyberattack is confirmation of Abagnale’s prescient warning from two years ago: Infrastructure is now a prime target for attack. In the wake of the highly publicized Colonial hack, President Joe Biden issued an executive order to improve cybersecurity and create a blueprint for a more comprehensive federal government response to cyberattacks. Currently, and not uniformly, the FBI and Secret Service (due to the financial aspect of these crimes) are tasked with dealing with this increasing problem. A Ransomware Task Force recently issued a report to the Biden administration on how to combat this scourge. The report notes that companies hit by an attack took on average 287 days to fully recover. The Colonial matter has once again cast a white hot spotlight on the ransomware, in particular, and cybersecurity, in general. Ransomware has skyrocketed since 2012 when the advent of bitcoin and other cryptocurrencies made it difficult to track and ultimately block payments. And, unsurprisingly, as businesses shifted to remote work for employees during the COVID-19 pandemic, it became apparent that many remote systems may not have been as secure as first thought. As a result, according to The Washington Post, 2,400 businesses, schools, hospitals, and government agencies were hit by ransomware in 2020 alone. As Aretha Franklin sang in 1985, “Who’s Zoomin’ Who?” On June 1, 2021, The New York Times realized the following: “Now, even small-time criminal syndicates and low-skilled hackers can pose a potential national security threat. Ransomware is easily obtained off the shelf, and virtually anyone can load it into a compromised computer system using YouTube tutorials or with the help of groups like DarkSide. Customer support is included.” Darkside was reportedly behind the Colonial Pipeline attack and is now believed to have shut down on its own accord. In the past, though, Darkside employed technique known as “ransomware-as-a-service.” In this scenario it would partner with so-called affiliates who would actually conduct the attack. The affiliates would receive the lions share of the ransom proceeds. Even if Darkside has effectively disband, that should hardly give anyone comfort as bad actors will likely regroup and rename themselves. Cyber extortion has become more prevalent. And, notably, insurance policies covering ransomware became commonly available only about five or six years ago. More and more data reveal the financial damage done. According to Chainalysis, a blockchain analysis firm, ransomware gangs made at least $350 million in 2020, a 311% increase in payments recorded over 2019. The FBI received nearly 500,000 complaints of suspected cybercrimes in 2019, with reported losses exceeding $3.5 billion. And even more astounding, Cybersecurity Ventures predicted late last year that cybercrime would cost the world $6 trillion in 2021 (up from $3 trillion in 2015). Last May, CBS News reported a “thriving” cybercrime environment and presented even more insights on the cost of these kinds of data breaches during the pandemic. The average cost of a data breach soared to $21,659, per incident, with most incidents ranging from as little as $800 to more than $650,000, based on information gathered by a recent Verizon report. And 5 percent of successful attacks cost businesses $1 million or more. CNA Financial is one of those businesses. Just days after Colonial was recovering from the attack on its operations, Bloomberg reported that CNA Financial, one of the country’s largest insurers, paid $40 million to hackers to regain control of its systems after it suffered a ransomware attack in March. Yes, there is curious irony that certain attacks which garner more publicity may seemingly require less direct ransom (notwithstanding indirect societal costs, like a spike in gas prices) while lesser known attacks may seemingly require more ransom. But that is largely coincidental. Hackers actually do their homework and any discrepancy in ransom amounts is not, in reality, generally determined at random. Hackers are able to penetrate a given entity’s records -- such as email, and other entry points -- and may be able to roam undetected and unfettered for long periods of time. Accordingly, they effectively research the hacked target thereby allowing them to get a better sense of the entity’s ability to pay. Ransomware cyberattacks have clearly attracted much media attention of late. These attacks tend to be directed at the organizational level. But data breaches are a type of cyberattack that may have their greatest impact at the individual level. The number of data breaches is just as alarming as ransomware incidents. In March 2021, statista.com reported that in 2020 the number of data breaches in the United States came in at a total of 1001 cases. “Meanwhile,” statista says, “over the course of the same year over 155.8 million individuals were affected by data exposures -- that is, accidental revelation of sensitive information due to less-than-adequate information security.” Remarkably, these figures represent a decline in number of cases and individuals affected reported in the years 2016 through 2019. Still, the trends over the last fifteen years continue to be disturbing. A sampling of the most notorious hacks during this timeframe is instructive for their breadth and depth of repercussions; they cut a wide swath of industry and sector. In every citation listed below (breach occurrence in parentheticals) at least one of three characteristics, if not more, were present: malicious attack, human error, system faults. Consider: * TJX Companies [TJ Maxx, Marshalls] (Oct. 2007) - 94 million customers affected, MasterCards and VISA Cards compromised. * Yahoo (late 2014) - 500 million users impacted. Several different largescale breaches of email, physical addresses, passwords, phone numbers, real names, dates-of-birth. Made public in September 2016. * Ebay (May 2014) - 145 million users. * Equifax (July 2017) - 143 million users. Included exposure of 209,000 consumer credit card details. * Target (December 2013) - 41 million customers. * Uber (late 2016) - 57 million users and 600,000 drivers. People outside the company accessed data on a third-party cloud-based service that Uber utilized; breach made public in Nov. 2017. * Capital One (June - July 2019) - 100 million customers’ personal information compromised at one of the country’s largest banks. The breach included 140,000 stolen social security numbers and 80,000 bank account numbers, and tens of millions of credit card accounts. The hacker had formerly worked for Amazon Web Services (the cloud-hosting company), which hosted the bank’s database. * Marriott International (starting in 2014) - 500 million guests’ data breached. The breach originally occurred on the support systems of Starwood Hotels. Marriott bought Starwood in 2016. Incredibly, perpetrators stayed in the network and were not discovered until Sept. 2018. Contact details, passport numbers, and travel details were among the information compromised. The breach was revealed in Nov. 2018. * Facebook (supposedly fixed in August 2019) - Globally, 533 million Facebook users’ data was exposed to the internet. The company allowed two apps to access its users’ stored personal information on insecure servers without proper security measures.
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages8 Page
-
File Size-